At Park Hill School District in Missouri, more than 10,000 current and former staffers and students are being notified that their personal information – including Social Security numbers – was accessed after a former employee made the data accessible from the internet.
How many victims? 10,210.
What type of personal information? Social Security numbers, personnel records and student records were among the information.
What happened? Before leaving the district, a former employee downloaded all files from their computer onto a hard drive, without consent. The former employee connected the hard drive to a home network and all the files became accessible from the internet.
What was the response? The files were taken down from the internet. Park Hill School District is updating policies to more clearly prohibit employees from taking information, and is requiring training for all employee with access to sensitive information. All impacted individuals are being notified, and provided identity monitoring services.
Details: A local resident notified Park Hill School District on April 1 that the data was online. At least one person accessed the files, and left a message notifying the former employee that the information was available online. Park Hill School District reviewed 13,704 documents to identify all impacted individuals.
Quote: “As soon as we completed that list [of impacted individuals], we sent out a letter to everyone whose sensitive information was in the documents, even though we had no evidence of actual theft or misuse of data,” according to the notification.
Source: parkhill.k12.mo.us, “Possible Data Security Incident,” July 8, 2014.